Kristoffer Milligan wrote:
> This data is good to give me an idea of how many access rejects I am
> getting, but I have no clue from what usernames they are coming, nor WHY
> they were rejected. I know that the username in the inner tunnel is
> plaintext as well, meaning it looks like i.e [email protected].
See Module-Failure-Message. You should be able to log that, too.
> My question is;
> What should my SQL look like if I want to log the following data:
>
> Incremental id, 'Attempted/Cleartext Username', 'Attempted/Cleartext
> password', 'Access-Reject - {Rejection-Reason}', DATETIME ?
You need to update the "inner-tunnel" virtual server to copy that data
to the outer tunnel session. Then... log it.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
